Online Accounts Most Likely to be Compromised Through Phishing Attacks: Google Report

Between March 2016 and March 2017, Google researchers identified 12.4 million potential victims of phishing, roughly 788,000 potential victims of keylogger malware, and over 1.9 billion users whose accounts had been exposed due to data breaches.

The fact that third-party data breaches expose significant amounts of information is not surprising. Several companies admitted that hackers had stolen the details of millions of users from their systems and Yahoo alone exposed over one billion accounts in the past years.

However, Google’s analysis showed that only less than 7 percent of the passwords exposed in third-party data breaches were valid due to password reuse. Furthermore, the company’s data suggests that credential leaks are less likely to result in account takeover due to a decrease in password reuse rates.

On the other hand, nearly a quarter of the passwords stolen via phishing attacks were valid, and Google believes phishing victims are 460 times more likely to have their accounts hacked compared to a random user.

As for keyloggers, nearly 12 percent of the compromised passwords were valid, and falling victim to such malware increases the chances of account takeovers 38 times.

Phishing kits and keyloggers are also more likely to lead to account hijacking due to the fact that many of them also collect additional information that may be requested by the service provider to verify the user’s identity, including IP address, location and phone number.

An analysis of the most popular phishing kits revealed that they mainly target Yahoo, Hotmail, Gmail, Workspace Webmail (GoDaddy) and Dropbox users.

In the case of keyloggers, the HawkEye malware appears to be the most successful, with more than 400,000 emails containing stolen credentials being sent to attackers. Cyborg Logger and Predator Pain also made a significant number of victims.